DISA adopts Linux standard for Defense apps

An industry standard designed to bring consistency to the Linux open-source operating system has won support from the Defense Information Systems Agency.

DISA this month recommended that Defense Department organizations buy and build applications that comply with the Linux Standard Base, said Rob Walker, DISA's program manager for the Common Operating Environment.

The move could help DOD avoid the fragmentation that has dogged Unix users for decades. Many applications written for one flavor of proprietary Unix won't run under another without recompilation or other massage.

The Free Standards Group of Oakland, Calif., developed LSB to promote out-of-the-box, binary code interoperability of Linux distributions, said Scott McNeil, the group's executive director.'Prior to LSB, there was no definition of Linux, and so it was kind of difficult for organizations to adopt Linux,' McNeil said.

The Free Standards Group introduced LSB in January of last year and began a certification program six months later, McNeil said. By now, all commercial Linux distributions have achieved LSB certification.

For the past seven years, DOD has been working to achieve consistency across the Unix world with COE and the Kernel Platform Certification program, Walker said. With LSB, that kind of policing can be handled by the industry group.

'We now don't have to go through this with the Linux community,' Walker said.Defense CIO John P. Stenbit recently said DOD agencies can use Linux platforms under certain conditions.

More on the creative side

The industry group has a number of test suites to help application developers write software that complies with LSB. They can spend more time developing and less time on interoperability verification, McNeil said.

In related news, IBM Corp. and German vendor SuSE Inc. this month announced that SuSE Linux Enterprise Server 8 has received international Common Criteria security certification, running on IBM eServer xSeries platforms.

Atsec Information Security GmbH in Germany performed the evaluation, they said.

The Common Criteria certification is at Evaluation Assurance Level 2+, known as EAL2+. IBM and SuSE also announced they have applied for the higher EAL3+ certification of SuSE Linux running across IBM's eServer line.

The same server software could meet DISA's COE requirements later this year, IBM and SuSE said.